025c3f7f3e0ec20b1e41821a94538838_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

025c3f7f3e0ec20b1e41821a94538838_JaffaCakes118
Size

88KB
MD5

025c3f7f3e0ec20b1e41821a94538838
SHA1

ce3065cde384cba2d0e826baf399644735a77123
SHA256

d8dbb0baaf08a1bd505fe08c4263224244f41426057dd339d06861b9d4bf5f30
SHA512

4294405de6e6934fa0b1b91cd9ea5e940685bf6d7288a82e6d5981abbf0a264d6ced0db7f562b18f62690f89fab00eadf4bda4d31ca69f23e78b5e49a4faab5a
SSDEEP

1536:GpPhgCqmt9AiAsweTe93QnPd5xaj12qwn4t8vIHXd586/FQZiiCPL:yPhgqt9AAweK3QPlas4t8CXd5vNBiCP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
025c3f7f3e0ec20b1e41821a94538838_JaffaCakes118

Files

025c3f7f3e0ec20b1e41821a94538838_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9599eb2f712c3885cc40a5e80c382e85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentDirectoryA
LoadLibraryA
GetDateFormatA
SetErrorMode
GetProfileIntW
GetAtomNameW
LocalAlloc
GlobalGetAtomNameW
CallNamedPipeA
EnumResourceLanguagesA
GetProcAddress
GetStartupInfoW
MoveFileA
GetFileAttributesW

ole32

StgOpenStorageOnILockBytes
CoCreateFreeThreadedMarshaler
OleCreateLink
CoCreateInstanceEx

advapi32

SaferCloseLevel
RegSetValueA
CredFree
GetEffectiveRightsFromAclW
SaferGetPolicyInformation
OpenProcessToken

shell32

ShellAboutA

gdi32

DeleteDC
CreateHalftonePalette
BeginPath
StartPage
RealizePalette
CreateICW
StrokeAndFillPath
GetWinMetaFileBits
EqualRgn
BitBlt
GetBkColor
CreateICA
SetMapMode

Exports

Exports

d3dMousedsc

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ